CVE-2018-25320
CriticalSummary
ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function.
Risk Assessment
Attackers can use bitsadmin to download malicious PowerShell scripts and execute them with system privileges, leading to complete system control.
Recommendation
It is recommended to update to the latest version of ACL Analytics to mitigate this vulnerability and to monitor systems for potential attack attempts.
Original NVD description (English source)
ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers can use bitsadmin to download malicious PowerShell scripts and execute them with system privileges to establish reverse shells and gain complete system control.

